package com.rainy.sso.server.web;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

/**
 * @author liuqin on 2017/12/22
 */
@Controller
public class LoginController {

    @RequestMapping("login")
    public String login(){
        return "login";
    }

    @RequestMapping("login/in")
    public String login(String username,String password){
        UsernamePasswordToken token = new UsernamePasswordToken(username,password);
        Subject currentUser = SecurityUtils.getSubject();
        if (!currentUser.isAuthenticated()){
            token.setRememberMe(true);
            currentUser.login(token);
        }
        return "main";
    }

    @RequestMapping("logout")
    @ResponseBody
    public String logout(){
        Subject currentUser = SecurityUtils.getSubject();
        currentUser.logout();
        return "退出成功！";
    }

    @RequiresPermissions("/main")
    @RequestMapping("main")
    public String main(){
        return "main";
    }

}
